Network security and potential threats
Introduction
There are many threats to security on a network. In this section, we will detail the most common ones and how to deal with them.
Viruses, worms and trojan horses
A virus is a program that has been written by someone. It can replicate itself, be attached to files and applications and can cause a lot of damage because it can change the contents of your hard disk as well as use up your memory. They can spread very quickly, usually by shared storage devices or email attachments. Ideally, you should never share storage devices. You should never open an email attachment unless you know and can trust where it comes from (by checking a digital certificate, for example). Attachments to be especially careful of include file names ending in .exe .bat .pif .scr and .vbs. Other types of viruses include ‘Worms’ and ‘Trojan horses’. Worms are programs that can spread themselves via vulnerable network connections. They are standalone programs, unlike viruses, which ‘piggyback’ on other programs. In addition to unauthorised use of systems and causing damage, they can take up a lot of bandwidth as they spread and slow networks right down. A particularly nasty one called MSBlaster affected computers worldwide in August 2003. It spread very quickly, hunting for computers on the Internet without a firewall. When it found one, it jumped into the computer through the open communication port and infected it without the user knowing - until their PC closed down every time an Internet connection was made!! Another one, W32.Sobig.F@mm mails itself to all the email addresses it can find on an infected computer. Trojan horses are viruses hidden inside seemingly innocent programs. They, too, can cause major problems for your computer.
You should always have an anti-virus program on your computer and you need to ensure that the virus patterns are always up-to-date. Updating virus patterns typically happens at least once a day. An up-to-date anti-virus program will catch most viruses, worms and trojan horses most of the time.
Spyware and adware
These are both types of malicious software (called 'malware' for short). Spyware is the name given to software that gets access to your computer without you knowing, often because you have downloaded and installed free software from the Internet. Spyware can change the settings on your computer and interfere with or slow down your internet experience. Spyware can also gather information silently about your computer habits and personal information and transmit them to unauthorised people. Adware is software that gets access to your computer, again usually because you have downloaded free software from the Internet or you have downloaded legitamate software but it cam bundled with adware. You often have the option to not install adware when installing any software so be careful about just clicking OK - OK - OK when installing new software! Always check to see if there is a screen that is asking if you want to install extra software that has nothing to do with the main software. Adware can cause adverts to pop up on your screen or in your browser and can add adverts to whatever browser you are using and can be very annoying. 
You should frequently run software designed specifically to identify and destroy spyware and adware. Two such programs are:
and Adaware from
Phishing
This is a term used to describe when criminals try to get hold of your credit card details or other personal information by pretending to be someone they are not over the Internet. They do this by sending out bogus emails e.g. pretending to be from a bank and asking you to confirm passwords for security reasons or by setting up a web site that looks like it is a legitimate business and luring you into entering personal data, perhaps by advertising very cheap prices for goods. Despite numerous warnings that organisations never ask for personal details by email, and reminding people that if an offer is too good to be trueit probably is, people fall victim to Phishing attacks regularly and can suffer huge financial loses. 
Cookies
A cookie is text file deposited onto your computer by a website that you have been to. When you next visit the website, the cookie detects that you have been there before and can display content based on what has been accessed previously or can retrieve information entered last time, such as personal details or account details. It's not a threat to your computer as such but many people block cookies on their computer because they don’t like the idea that information is being collected about their surfing habits and potentially, being sent back to the websites that they visit. Websites now have to legally ask your permission to put a cookie on your computer.
Hackers and hacking
Hackers try to get unauthorised access to your computer by 'hacking' into it (breaking in to it). Firewalls, described later, are an excellent way of preventing hackers from getting into a network and most companies and individuals set one up on their system.
http and https
When you request a website from a web browser, it is sent to your computer using a set of standards known as http. This is not secure so somebody potentially could intercept this communication and see what has been requested. If you are sending, for example, your personal details or a password across the Internet using a web page, or requesting a web page with your personal finances on, then there is a serious risk these details could be intercepted and used for criminal activities, such as stealing from your bank or identity theft. To prevent this, companies use the https protocol rather than the http one. https stands for Hyper Text Transfer Protocol Secure and is the secure version of http. If you are using an https website then you can reasonably expect that you are communicating with the website you were intending to communicate with and that any communications are encrypted automatically so can't be intercepted and used by criminals.
Free hotspots and https
You should assume that at all times on a public network, someone else is watching what you have on your screen and can see all of your communications. When you use a free local hotspot with wifi on a phone, tablet or laptop, your communications are especially vulnerable. Anyone on these types of unencrypted networks, with the right freely available software, can capture the packets of data that make up communications across networks and can steal any information you send or receive. It is also perfectly possibly for an unscrupulous criminal to set up what appears to be a free local hotspot for you to use, which you unwittingly connect to. They can then easily see everything you are doing on your computer. It is very important to only use encrypted communications across any public network and to use https at all times for anything sensitive. However, the best course of action is to not use public networks for anything at all that is sensitive.
Virtual Private Networks (VPNs)
Many people go on holiday, go travelling or go on business these days and they need constant access to the Internet. We know that this presents a serious security risk so what can people do. The best solution by far is to ensure that all communications between you and whatever websites you are using on a public network or a network that you cannot trust are encrypted. The best solution is to rent a Virtual Private Network service. This can cost just a few pounds a month. What happens when you sign up is that you download and install some client software. When you go to a public hotspot and log on, the client software makes contact with the VPN service and your computer and the VPN exchange security keys, to verify to each other that you are authentic. Once this has been done, all of your communications are encrypted and go via the VPN service. Apart from encrypting everything, the VPN service masks your IP address. This can be useful if you want to watch your favourite program on catch-up TV via the Internet whilst on holiday but you can only do so if you are in the UK.
No system is 100% secure
Of course, it is possible for the VPN service to intercept your communications if they wanted to. Companies and individuals who are concerned about this check carefully in the Terms and Conditions whether a VPN company logs communications. Most don't but the weak link in any 'secure' system are the employees, who could do something unauthorised or illegal if given an opportunity and reason!
